<?php
// config
// 
$config=$_SERVER['HOME'] . "/.foto";
// contains username\npassword\n
// remember to chmod 600 
$otpw_cache=$_SERVER['HOME'] . "/.otpw";

// end of config
function getconfig(){
	global $config;
	if (!file_exists($config)) {
		return null;
	}
	return file($config);
}
function getotpwcache() {
	global $otpw_cache;
	if (file_exists($otpw_cache)) {
		$l=file($otpw_cache);
		return trim($l[0]);
	}
	return null;
}

$agent="Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"; 
$cookiefile="/tmp/otpwcookies";

if (!file_exists('/usr/bin/curl')) {
	echo "Sorry we need curl to run!\n";
	exit;
}

function postarr2str($postdata) {
	foreach($postdata as $key=>$value) {
		$str[] = sprintf("%s=%s",urlencode($key) , urlencode($value));
	}
	$poststr = implode("&",$str);
	return $poststr;
}
function check_otpw($otpw){
	global $agent,$cookiefile;
	$getto="http://photo.xuite.net/_my/if_auth";
	$referrer="http://photo.xuite.net";
	$getdata="otpw=$otpw";
	$cmd=sprintf("curl -d '%s' -D %s -A '%s' -e '%s' -s -G '%s'",$getdata,$cookiefile,$agent,$referrer,$getto);

	exec($cmd, $output);
	// 000 => 參數錯誤
	return strstr($output[3],'>200<');


}

function get_otpw($username, $password) {
	global $agent,$cookiefile;
	$postto="http://member.hinet.net/HiReg/authentication.jsp";
	// $postto="http://member.hinet.net/HiReg/authenticationv2";
	$referrer="http://member.hinet.net/HiReg/loginform2_mbr.jsp";
	// $cookiefile="/tmp/otpwcookies";
	// $agent="Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"; 

	$postdata=array("version" => "1.0",
			"curl" => "http://photo.xuite.net/@authorize",
			"siteid" => "50008",
			"sessionid" => "",
			"channelurl" => "",
			"others" => "",
			"checksum" => "139010b54ed577000253619a1a6ebd25",
			"loginurl" => "loginform2_mbr.jsp",
			"authtype" => "all",
			"sso" => "yes",
			"uid" => "",
			"pw" => "" );

	$postdata["uid"]=$username;
	$postdata["pw"]=$password;

	$poststr = postarr2str($postdata);

	$cmd = sprintf("curl -d '%s' -e '%s' -A '%s' -s -D %s %s",$poststr, $referrer, $agent, $cookiefile,  $postto);
	exec($cmd, $output);

	//print_r($output);
	/*
	   <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
	   <HTML><HEAD>
	   <TITLE>302 Moved Temporarily</TITLE>
	   </HEAD><BODY>
	   <H1>Moved Temporarily</H1>
	   The document has moved <A HREF="https://member.xuite.net/HiReg/setcookieservlet?curl=http://photo.xuite.net/@authorize&amp;channelurl=&amp;others=&amp;otpw=325a2ae9609b8481f9b9e72ee1a6702c&amp;DoubleCheckUid=happyman&amp;MemberSN=11848044&amp;CheckBox=null&amp;checksum=d2d132f8f6df04d0e0c467b9bd82f598&amp;siteid=50008&amp;loginurl=loginform2_mbr.jsp&amp;MemberInformation=%E8%9A%AF%E8%9A%93&amp;seqnum=1&amp;predomain=member.hinet.net">here</A>.<P>
	   <P>Additionally, a 302 Found
	 */
	foreach ($output as $k=> $val) {
		if (preg_match("/href=(.*)/i",$val,$mat)) {
			// echo $val;
			$followurl = $mat[1];
			//echo $followurl;
			if (preg_match("/&amp;otpw=(\w+)&amp;/",$followurl,$mat)){

				$otpw=$mat[1];
				echo "otpw=$otpw\n";
				return $otpw;
			}
		}
	}
	// echo "cannot authenticate! bye";
	return null;

	// 繼續 follow, 目前不需要, 不會到這邊來
	$cmd = sprintf("curl -b %s -D %s -s '%s'", $cookiefile,$cookiefile, $followurl);
	unset($output);
	exec($cmd, $output);

}



function list_ab($otpw) {
	global $agent,$cookiefile;
	$getto="http://photo.xuite.net/_my/if_query";
	$referrer="http://photo.xuite.net";
	$getdata="otpw=$otpw";
	$cmd=sprintf("curl -d '%s' -D %s -A '%s' -e '%s' -s -G '%s'",$getdata,$cookiefile,$agent,$referrer,$getto);

	// echo $cmd;
	unset($output);
	exec($cmd, $output);
	$total=count($output);
	for($i=3;$i<$total;$i++){
		/*
		   <album id="1930802">
		   [17] =>                             <title>真的嗎</title>
		   [18] =>                             <lastupdate>2007-08-18 16:43:18</lastupdate>
		   [19] =>                             <url>http://photo.xuite.net/happyman/1930802</url>
		   [20] =>                             <cover></cover>
		   [21] =>                     </album>

		 */
		if (preg_match("/m id=\"(\d+)\">/",$output[$i],$mat) &&
				preg_match("/le>(\S+)</",$output[$i],$mat2)	) {
			$album[$mat[1]]=$mat2[1];

		}

	} // end of for
	return $album;
}
function add_pic($otpw,$ab_id,$fpath,$title="",$desc="") {
	global $agent,$cookiefile;
	$postto="http://photo.xuite.net/_my/if_add_pic";
	$referrer="http://photo.xuite.net";
	$postdata=array("otpw"=>$otpw,
			"album_id"=>$ab_id,
			"title1"=>$title,
			"desc1"=>$desc,
			"s_mode"=>0); // 不調整大小
	$fields = "";
	foreach($postdata as $key=>$v) {
		if (!empty($v)) {
			$fields .= sprintf("-F %s=%s ",urlencode($key), urlencode($v));
		}
	}
	$fields .= "-F file1=@" . $fpath;

	$cmd = sprintf("curl -D %s -s -A '%s' -e '%s' %s '%s'",
			$cookiefile, $agent, $referrer, $fields, $postto);
	// echo $cmd;
	exec($cmd, $output);
	foreach($output as $line) {
		if (strstr($line,'s>220<'))
			return true;
	}
	// print_r($output);
	return false;
}

function add_ab($otpw,$title,$desc="",$vis=1,$passwd="",$is_review='Y',$is_cp='Y',$tpl='1') {
	global $agent,$cookiefile;
	$postto="http://photo.xuite.net/_my/if_add_ab";
	$postdata=array("otpw"=>$otpw,
			"ab_title"=>$title,
			"ab_desc"=>$desc,
			"ab_visbity"=>$vis,
			"ab_passwd"=>$passwd,
			"ab_is_review"=>$is_review,
			"ab_is_cp"=>$is_cp,
			"ab_tpl"=>$tpl);

	$referrer="http://photo.xuite.net";
	$poststr = postarr2str($postdata);
	$cmd= sprintf("curl -d '%s' -A '%s' -e '%s' -D %s -s '%s'",$poststr,$agent,$referrer,$cookiefile, $postto);
	// echo $cmd;
	unset($output);
	exec($cmd, $output);
	/*
Array
(
    [0] => <?xml version="1.0" encoding="UTF-8"?>
    [1] => <xuite>
    [2] => 	<photo>
    [3] => 		<album>
    [4] => 			<status>200</status>
    [5] => 			<id>3367328</id>
    [6] => 		</album>
    [7] => 	</photo>
    [8] => </xuite>
)

	 */
	return strstr($output[4],">200<");
}

?>
